[wp-trac] [WordPress Trac] #12416: *_option(), *_transient() and *_meta() functions should all expect unslashed data.
WordPress Trac
wp-trac at lists.automattic.com
Sun Feb 28 01:31:21 UTC 2010
#12416: *_option(), *_transient() and *_meta() functions should all expect unslashed data.
-------------------------------+--------------------------------------------
Reporter: Denis-de-Bernardy | Owner: ryan
Type: defect (bug) | Status: new
Priority: normal | Milestone: 3.0
Component: Security | Version: 3.0
Severity: blocker | Keywords:
-------------------------------+--------------------------------------------
Comment(by Denis-de-Bernardy):
Here's one where we might be passing unslashed garbage straight into MySQL:
{{{
function maybe_add_existing_user_to_blog() {
	// Only act on /newbloguser/ requests.
	if ( false === strpos( $_SERVER['REQUEST_URI'], '/newbloguser/' ) )
		return false;

	// The key is the last path segment (or the one before a trailing slash).
	// It is taken from the request as-is; nothing here validates or escapes it.
	$parts = explode( '/', $_SERVER['REQUEST_URI'] );
	$key   = array_pop( $parts );
	if ( $key == '' )
		$key = array_pop( $parts );

	// The raw key is concatenated into the option name passed to the database layer.
	$details = get_option( "new_user_" . $key );
	add_existing_user_to_blog( $details );
	delete_option( 'new_user_' . $key );

	wp_die( sprintf( __( 'You have been added to this blog. Please visit the <a href="%s">homepage</a> or <a href="%s">login</a> using your username and password.' ), site_url(), admin_url() ) );
}
}}}
--
Ticket URL: <http://core.trac.wordpress.org/ticket/12416#comment:6>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
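For comparison, here is an added example (not WordPress core code and not part of the ticket) of pulling the invite key out of the request path and accepting it only when it has the expected shape, so that an unvalidated request string never reaches `get_option()`/`delete_option()`. It assumes invite keys are short lowercase hex strings; the length WordPress actually generates is not stated in the ticket, so the pattern is a placeholder to adjust.

```php
<?php
// Added example, not WordPress core code. Assumption: invite keys are
// lowercase hex strings of 5 to 32 characters; adjust the pattern as needed.
function extract_newbloguser_key( $request_uri ) {
	// Work on the path only; query strings and fragments are never part of the key.
	$path = parse_url( $request_uri, PHP_URL_PATH );
	if ( $path === false || $path === null ) {
		return false;
	}
	if ( false === strpos( $path, '/newbloguser/' ) ) {
		return false;
	}

	// Same segment selection as the original: last segment, or the one
	// before a trailing slash.
	$parts = explode( '/', $path );
	$key   = array_pop( $parts );
	if ( $key === '' ) {
		$key = array_pop( $parts );
	}

	// Whitelist check: anything outside the expected shape is rejected
	// before it is concatenated into an option name.
	if ( ! is_string( $key ) || ! preg_match( '/^[a-f0-9]{5,32}$/', $key ) ) {
		return false;
	}
	return $key;
}

// Constructed sample inputs and the result each should produce.
$samples = array(
	'/newbloguser/0a1b2/'         => '0a1b2',   // trailing slash tolerated
	'/newbloguser/0a1b2?ref=mail' => '0a1b2',   // query string ignored
	'/newbloguser/../wp-admin/'   => false,     // not a key at all
	'/newbloguser/not%20hex/'     => false,     // encoded characters rejected
);
foreach ( $samples as $uri => $expected ) {
	if ( extract_newbloguser_key( $uri ) !== $expected ) {
		echo "unexpected result for $uri\n";
	}
}
```

Only a key that passes the check is then handed to `get_option( 'new_user_' . $key )`; the slashing behaviour of the `*_option()` functions themselves is the separate question this ticket is about.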